Thanks, Yoann.
> So you are basically attempting to do OCSP verification on LTM only and not via APM ?
Yes, I use LTM only.
> If so I think you cannot do it unless using C3D (but this requires F5 to generate client certificates on the fly to present to backend).
OK. I understood that it is difficult to send web page with only LTM when auth failer.😊
But, there is still question.
>> I wonder why web access is (correctolly) reject but oscp auth return not 27(X509_V_ERR_CERT_REVOKED) but 0(X509_V_OK).
My recognition, In this case, the return code should be "27" not "0".
Is it right?